Bao-Ping Cai,Wen-Chao Li,Yong-Hong Liu,Yan-Ping Zhang,Yi Zhao,Xiang-Di Kong,Zeng-Kai Liu,Ren-Jie Ji,Qiang Feng

DOI: https://doi.org/10.1016/j.petsci.2021.08.011

IF: 4.757

2021-12-01

Petroleum Science

Abstract:In this study, a novel safety integrity level (SIL) determination methodology of safety instrumented systems (SISs) with parameter uncertainty is proposed by combining multistage dynamic Bayesian networks (DBNs) and Monte Carlo simulation. A multistage DBN model for SIL determination with multiple redundant cells is established. The models of function inspection test interval and function inspection test stages are alternately connected to form the multistage DBNs. The redundant cells can have different M out of N voting system architectures. An automatic modeling of conditional probability between nodes is developed. The SIL determination of SISs with parameter uncertainty is constructed by using the multistage DBNs and Monte Carlo simulation. A high-pressure SIS in the export of oil wellplatform is adopted to demonstrate the application of the proposed approach. The SIL and availability of the SIS and its subsystems are obtained. The influence of single subsystem on the SIL and availability of the SIS is studied. The influence of single redundant element on the SIL and availability of the subsystem is analyzed. A user-friendly SIL determination software with parameter uncertainty is developed on MATLAB graphical user interface.

energy & fuels,engineering, petroleum

Yidan Shu,Jinsong Zhao

DOI: https://doi.org/10.1016/j.jlp.2014.03.013

IF: 3.916

2014-01-01

Journal of Loss Prevention in the Process Industries

Abstract:Safety integrity level (SIL) verification is a critical step in the life cycle of safety instrumented systems (SIS). For the chemical process industry (CPI), SIL verification often means calculation of average probability of failure on demand (PFDavg) of a SIS. Markov analysis covers most aspects of the quantitative safety evaluation and shows great flexibility. However, for a complex SIS, the model building is so cumbersome that industrial users always try to avoid using it. A simplified approach by conducting Markov analysis on each channel of a SIS with any type of architecture and combining the results together is proposed in this paper. A case study is performed and the results prove that the simplified approach can simplify Markov modeling without loss of accuracy if a proper common cause failure (CCF) model is adopted.

Baoping Cai,Wenchao Li,Yiliu Liu,Xiaoyan Shao,Yanping Zhang,Yi Zhao,Zengkai Liu,Renjie Ji,Yonghong Liu

DOI: https://doi.org/10.1016/j.ress.2021.107823

2021-11-01

Abstract:<p>A novel methodology for evaluation of safety instrumented systems (SISs) with heterogeneous components based on multi-stage dynamic Bayesian networks (MDBNs) is proposed. The unified evaluation model for <em>M</em>-out-of-<em>N</em> architectures based on MDBNs is constructed. An automatic modeling method of conditional probability tables for time-slice and inter-slice transitions is established. Average probability of failure on demand (<em>PFD_avg</em>) and probability of failing safety (<em>PFS</em>) of the structure can be calculated by the established model. A method for calculating the life-cycle cost of SISs is presented by using the results of system evaluation and specific cost details. A high-integrity pressure protection system (HIPPS) is adopted to demonstrate the application of the proposed approach. A MDBNs-based evaluation and cost analysis software of heterogeneous redundant structure is developed by using MATLAB graphical user interface. The analysis of system evaluation results and life-cycle cost can help the designer determine the configuration of the heterogeneous redundant structure.</p>

engineering, industrial,operations research & management science

Haitao Guo,Xianhui Yang

DOI: https://doi.org/10.1109/CCDC.2009.5194984

2009-01-01

Abstract:Costs as well as safety performance are usually taken into account in safety instrumented system design. Modeling a SIS is time consuming and fallible and altering a SIS design may lead to recreating the model, so it's difficult to compare one design with others effectively and quickly. Markov model and its automatic creation for SIS are described in this paper, followed by the analysis of SIS life cycle cost related to SIS design process. Then, optimization problem between safety performance and costs is established and how to solve it is discussed. By automatic Markov model creation and solving algorithm, average probability of failure on demand and costs can be calculated quickly and accurately, which enlightens a numerical way in achieving the optimal solution for the optimization problem. Optimization of performance and costs help not only getting an optimal design but also realizing the correct coupling relation between performance and costs.

Shu Yidan,Zhao Jinsong

DOI: https://doi.org/10.3969/j.issn.1001-4160.2011.12.023

2011-01-01

Abstract:Safety instrumented system(SIS) is important for safety of industrial production.IEC 61508 require the establishment of safety integrity levels(SIL) for all the SIS for confirmation that they meet the requirement for functional safety.SIS in process industry are commonly in low demand rate.Research andvances of SIL verification for SIS in this mode is reviewed in this article,with summary of research on common cause failure modeling and caculation of average probability of failure on demand(PFD_(avg)).In the aspect of caculation of PFD_(avg),three common methods are introduced,including reliability block diagram,fault tree analsis and Markov model.Finally,several commercial softwares with SIL verificition function are introduced.

Haitao Guo,Xianhui Yang

DOI: https://doi.org/10.1016/j.ress.2007.03.029

IF: 7.247

2008-01-01

Reliability Engineering & System Safety

Abstract:After the release of new international functional safety standards like IEC 61508, people care more for the safety and availability of safety instrumented systems. Markov analysis is a powerful and flexible technique to assess the reliability measurements of safety instrumented systems, but it is fallible and time-consuming to create Markov models manually. This paper presents a new technique to automatically create Markov models for reliability assessment of safety instrumented systems. Many safety related factors, such as failure modes, self-diagnostic, restorations, common cause and voting, are included in Markov models. A framework is generated first based on voting, failure modes and self-diagnostic. Then, repairs and common-cause failures are incorporated into the framework to build a complete Markov model. Eventual simplification of Markov models can be done by state merging. Examples given in this paper show how explosively the size of Markov model increases as the system becomes a little more complicated as well as the advancement of automatic creation of Markov models.

Baoping Cai,Yu Liu,Qian Fan

DOI: https://doi.org/10.1016/j.ress.2016.01.018

IF: 7.247

2016-01-01

Reliability Engineering & System Safety

Abstract:A novel safety integrity levels (SILs) determination methodology based on multiphase dynamic Bayesian networks (MDBNs) for safety instrumented systems is proposed. Proof test interval phase and proof test phase are modeled separately using dynamic Bayesian networks, and integrated together to form the MDBNs. The unified structure models of MDBNs for k-out-of-n architectures are constructed, and the procedures of automatic creation of conditional probability tables are developed. The target failure measures, that is, probability of failure on demand, average probability of failure on demand, probability of failing safely, average probability of failing safely, and SIL of safety instrumented systems operating in a low demand mode, are evaluated using the proposed MDBNs. The effects of time interval of MDBNs, common cause weight, imperfect proof test and repair on model precision are researched. User-friendly SIL determination software is developed by using MATLAB GUI to assist engineers in determining the SIL value.

GUO Haitao,YANG Xianhui

DOI: https://doi.org/10.3321/j.issn:1000-0054.2008.01.039

2008-01-01

Abstract:A Markov analysis technique was used to calculate reliability measures for safety systems that involve several typical reliability related factors. The calculations in the Markov model are reduced by prior iterative multiplications of the state transition matrix and the best iterative point. The results show that the probability of failure on demand increases as the number of iterations increases. Errors at the best iterative point are only 1%. Therefore, the technique is conservative, safe and accurate. Doubling of the proof test interval degrade safety integrity for one level, so a proper proof test interval is necessary to achieve the required safety integrity level.

Xiangyu Wang,Peng Jia,Hanyi Lizhang,Liquan Wang,Feihong Yun,Honghai Wang

DOI: https://doi.org/10.1109/access.2018.2889104

IF: 3.9

2018-01-01

IEEE Access

Abstract:Replacement of the subsea control module (SCM) and halting production caused by the failure of the SCM are costly, and the electrical control system plays a large role in the failure modes of the SCM. Hence, the analysis of its reliability and safety is important. Markov processes and the multiple beta factor model are used to model the reliability and safety for the electrical control system of the SCM that consider the effects of multiple factors, including the failure detection rate, common-cause failure, and the failure rate of each module, for evaluating system reliability and safety. The Morris screening method that is based on a large amount of random data with equal probability is applied to reliability and safety models that vary with time for quantifying the effect levels of each factor on the system reliability and safety in the time interval. The effect of each factor on the system and its interaction degree with other factors are evaluated in the time interval. Finally, the system model is simulated in MATLAB. The simulation demonstrates that the system reliability and safety gradually decrease and the effect of each factor on them increases over time; the reliability is most sensitive to the failure rates of the input, central processing unit, and output modules, whereas the safety is most sensitive to the failure detection rate. The common-cause failure and the comparator module have some effects on the reliability and safety of the system.

Guo Haitao,Yang Xianhui

DOI: https://doi.org/10.3969/j.issn.1001-4160.2007.04.019

2007-01-01

Abstract:For enhancing functional safety management on safety instrumented systems, a design of functional safety management software is presented based on the analysis of safety integrity level(SIL),safety requirement specification and safety integrity verification, which are included in safety life cycle. Hazard matrix and risk graph are two typical methods for SIL selection. Safety integrity verification uses Markov models and architecture constraints are also taken into account. The software is developed using C#. It can be used to assess not only safety but also availability for safety instrumented functions. Several types of report can be generated. The functional safety management software is a good tool and reference for correct functional safety management, helping users understanding the safety and availability of safety instrumented systems.

Yajuan CHI,Jianmin FU,Honghao LI,Jia ZHEN,Zhendong SHANG,Lei YUAN

DOI: https://doi.org/10.11731/j.issn.1673-193x.2018.03.020

2018-01-01

Abstract:The assessment methods of safety integrity level (SIL) for safety instrument system(SIS) aiming at the continu-ous process equipments have been put forward in IEC 61508 and IEC 61511. However,for the SIL assessment on the batch equipments,the influence level of the human factors has not been identified,and the corresponding calculation model has not been proposed. Taking the typical SIS of a batch producing equipment of LiPF6as example,the risk analysis was carried out by using the hazard and operability analysis(HAZOP) combined with the layer of protection analysis(LOPA). On the basis of determining the risk of personnel poisoning, asphyxiation, and combustion and explosion of the batch producing equip-ment,the SIL of SIS was determined and verified. According to the characteristic of high artificial dependence of the batch producing equipment,namely part of the SIS were not connected into the automatic interlocking and needed to be manually triggered,a model of human reliability was established to analyze the influence of human reliability on the SIL of SIS, and the improvement research was conducted. The results showed that the human factors have significant influence on SIL, and SIL can be improved by changing the redundancy structure and testing strategies of SIS components,combined with improving the human factor management measures.

Rong-yi ZHOU,An ZHONG,Jing-zhou REN,Hui-yong NIU

DOI: https://doi.org/10.11731/j.issn.1673-193x.2014.03.011

2014-01-01

Abstract:The paper intended to make a comparative study on the commonly used determination methods for safety integrity level( SIL) of safety related system. As it is known that the determination of safety integrity level is the basis and premise for designing safety related system,in order to avoid the inaccuracy of SIL due to improper selection of SIL determination methods,the commonly-used methods for SIL determination were comparatively studied, including consequence-only,risk matrix,modified HAZOP( Hazard and Operability Study),risk graph,LOPA( Layer of Protection Analysis) and quantitative analysis methods. Firstly,the concept and classification of SIL were described as well as its determination principle. Then these methods were compared and studied in terms of accuracy,quantification,work and difficulty in using according to the risk-based principle,and meanwhile,the factors considered during the selection of SIL determination methods were analyzed and discussed. The gained results are of certain application value and reference significance.

Qingzhu Liang,Yinghao Yang,Hang Zhang,Changhong Peng,Jianchao Lu

DOI: https://doi.org/10.1016/j.ress.2022.108373

2022-05-01

Abstract:One limitation of the Markov model is that the exponential growth in the number of states with increase of system complexity weakens the implementability of Markov-based state model construction for complex systems and magnifies the consumption of computational resources. This paper introduces a method for simplification in Markov state-based models for reliability assessment of complex safety systems based on decomposing the target system into independent sub-systems and adopting system-level failure rates of the sub-systems estimated individually by the developed formulas. Using failure rates of the sub-systems, a simplified model of the target system can be built easily. The proposed method was used to construct the simplified model for a typical reactor protection system found in nuclear power plants. The number of states in the simplified model is greatly reduced compared to the full model developed separately. Additionally, the results of the sensitivity analysis show that the deviation of the reliabilities of the system calculated by the simplified model and the full model is not higher than 0.0021% within the range of the model parameters; and the value of the validation metric indicates that the simplified model and the full model are in a high level of agreement.

engineering, industrial,operations research & management science

Xingya Dai,Wei Dong,Xinya Sun

DOI: https://doi.org/10.1109/itnec.2016.7560348

2016-01-01

Abstract:The Safety Computing System is a kind of system which asks for high safety and reliability. In order to rigorously analyze the safety and reliability of the M out of N system, abstracting running states of the system, and constructing a state transition model based on Markov Process. At the same time, the safety and reliability of the M out of N system are calculated on the basis of Markov Model. Finally comparing the M out of N system with the existing safety computing systems based on the computation of the safety and reliability. According to our results, the M out of N system has higher safety and reliability compared to the existing safety computing systems under the same average failure rate of the calculating cell. Especially, the system can satisfy the safety integrity level (SIL) 4, which means the system's probability of catastrophic failure is less than or equal to 10e-8 per hour. So, it can be applied to the high-speed railway systems.

FU Jianmin,LI Chengmei,DONG Jingbo,XIONG Tao,ZHANG Hongjie,LI Honghao

DOI: https://doi.org/10.3969/j.issn.1673-5005.2017.03.016

2017-01-01

Abstract:In order to reduce the impact of data missing or data uncertainties related to safety instrumented level,a method of finite difference approach for data uncertainty assessment of reliability estimates is introduced to analyze parameter sensitivity of different redundancy structures of low demand mode and high demand mode scenarios.The importance of parameters is ranked.Monte-Carlo simulation method is introduced to calculate important parameters and SIL confidence interval.A SIL verification method for scenarios of data uncertainty is established.This approach was done based on a case of flare knock-out drum.The results show that the approach of SIL verification considering data uncertainty is an effective method of SIL evaluation based on the actual engineering situation.The proposed method is superior to decrease the influence of data uncertainties on results of SIL verification.

Huixing Meng,Leila Kloul,Antoine Rauzy

DOI: https://doi.org/10.1016/j.ress.2018.06.026

IF: 7.247

2018-01-01

Reliability Engineering & System Safety

Abstract:Safety Instrumented Systems (SIS) act as important safety barriers in industrial systems for preventing hazardous accidents. It is therefore significant to study the reliability issues of SIS. As a matter of fact, SIS have common behaviors such as periodic test policies to discover dangerous undetected failures. Modeling patterns capitalize the experience from modeling SIS. By reusing modeling patterns, modeling mission can be simplified when assessing reliability and availability of systems. Few studies related to SIS have been conducted on patterns for reliability assessment. This paper proposes a pattern-based methodology for reliability assessment of SIS. To demonstrate the applicability, the proposed methodology is applied on an emergency depressurization system provided in an ISO technical report (ISO/TR 12489). The comparison is performed between results obtained using given modeling patterns and the ones from ISO/TR 12489. It is shown that the pattern-based methodology can serve as an effective tool for modeling SIS in a modular way.

Zhanguo MA,Minjun PENG,Hidekazu YOSHIKAWA,Huayu YUAN,Bo YANG

DOI: https://doi.org/10.1299/jsmeicone.2019.27.1538

2019-01-01

The Proceedings of the International Conference on Nuclear Engineering (ICONE)

Abstract:The software in the digital reactor protection system is the safety-critical software. During the design and development, the safety-critical software goes through the strict test, review, verification and validation. The software products have prominent characters such as i) dedicated software; ii) designed defense in depth; iii) designed with fault tolerance techniques; iv) designed with fail-safe mode; v) have redundant configuration; vi) must have low failure rates. In addition, the software for the safety-critical system must be verified and validated independently and the software life cycle development process must be reviewed rigorously. Furthermore, extensive tests are performed for the software to not only remove the faults but also increase the confidence and reliability level of the software. Therefore, the quality of the safety-critical software is much higher than the commercial software. As well as, the safety-critical software failure date is scarce in the nuclear power plants. Hence, the methods that can be applied for the commercial software reliability analysis are not adapted for the safety-critical software reliability analysis. Considering the characteristics of the safety-critical software, a reliability analysis method that can be adopted to the safety-critical software is proposed based on the statistical model checking method. The proposed method can be applied to the early phase and the later phase of the software development life cycle. When the method is applied at the early phase, the software design schemes and the reliability allocation strategies are justified; when it is applied at the later phase, the probability failure on demand and probability of spurious logic trigger of the safety-critical software are estimated.

Qing Sun,Lirong Cui,Gong Chen,Rong Pan

DOI: https://doi.org/10.1109/ICICTA.2009.370

2009-01-01

Abstract:There are working, fail-safe and fail-dangerous states in safety-critical manufacture systems. This paper presents three typical safety-critical manufacture system architecture models: series, parallel and series-parallel system, whose components lifetime distributions are general forms. Also the reliability related indices, such as the probabilities that the system in these states and the mean times for the system fail-safe and fail-dangerous, are derived respectively. And the relationships among the obtained indices of the three system architecture models are analyzed. Finally some numerical examples are employed to elaborate the results obtained in this paper. The derived indices formulas are new results and without component lifetime distribution assumptions, which have significant meaning for evaluating the manufacture system reliability and improving the manufacture system safety design.

jianghong jin,zongzhi wu,shoutang zhao,bin hu

DOI: https://doi.org/10.1142/9789814324700_0168

2010-01-01

Abstract:The transmitter, logic solver and final element of safety instrumented system(SIS) are always composed of non-identical redundant components. How to calculate the loss of safety for safety instrumented system including diverse redundancy was studied. Firstly, based on the loss of safety from different period, i.e. PFD, TIF and DTU, the models on loss of safety for SIS were set up. Secondly, The common cause failure became reduced because of the diverse redundancy. The common cause factor of diverse redundancy and the qualitative method on determining the diversity correction factor k were put forward. At last, The formulas for reliability of the applied safety instrumented system were given out. But how to accurately determine k needs to be farther studied.

JIN Jiang-hong,WU Zong-zhi,ZHAO Shou-tang,HU Bin

DOI: https://doi.org/10.3969/j.issn.1000-3932.2010.07.013

2010-01-01

Abstract:From the point of view on system safety,the performance assessment of safety instrumented system(SIS) should include all kinds of probability of failure for a safety function,and the more perfect performance assessment model of safety instrumented system based on different period probability of failure for a safety function was set up.According to the characteristic of the safety instrumented system on-line,the probability of failure for a safety function during the period of passive dormancy,process demand,maintenance and testing were considered and quantified.At last,the total probability of failure of a safety function for SIS was quantified.An application example indicates that this method is more reasonable.